Académique Documents
Professionnel Documents
Culture Documents
Primary Benefits
There are several benefits of the Cisco IOS IPS. The feature:
Provides network-wide, distributed protection from many attacks, exploits, worms, and viruses that can exploit vulnerabilities in operating systems and applications
2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 1 of 5
Provides enhanced security down to the substation level and prevents attacks at the substation rather than waiting for information to travel back to the data center
Offers a unique, risk-rating-based signature event action processor that dramatically improves the ease of management of IPS policies
Offers field-customizable worm and attack signature sets and event actions Offers inline inspection of traffic passing through any combination of router LAN and WAN interfaces in both directions
Works with Cisco IOS Firewall, control-plane policing, and other Cisco IOS Software security features to protect the router and networks behind the router
Supports SCADA-specific signatures for monitoring SCADA traffic for vulnerabilities Help utilities meet North American Electric Reliability Corporations Critical Infrastructure Protection (NERC CIP) requirements (see figure 2)
Figure 2.
Table 1.
SCADA Sig ID 5612/0 5613/0 5614/0 5615/0 5616/0 5617/0 5618/0 5619/0 5619/1 5620/0 5621/0 5622/0 5623/0 5624/0 5625/0 5626/0 5627/0 5627/1 5628/0 5629/0 5630/0 5631/0 5632/0 5632/1
2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 3 of 5
Event Monitoring
Upon detecting an attack signature, Cisco IOS IPS can send a syslog message or log an alarm in SDEE format. CCP may be used to monitor events generated by a single router and Cisco IPS Manager Express (IME) may be used to monitor IPS events generated by up to five routers.
SKU Summary
Description Cisco CGR2010 security bundle w/SEC license PAK Cisco SMARTnet with IPS subscription SP Base with IPS subscription
2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 4 of 5
Printed in USA
C11-696141-00
12/11
2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 5 of 5